feat: add custom oidc/oauth provider support

src/client/api/authjs/useAuth.ts

@@ -39,7 +39,8 @@ export function useAuth() {
     }
   );
 
-  const loginWithOAuth = useEvent(async (provider: BuiltInProviderType) => {
+  const loginWithOAuth = useEvent(
+    async (provider: BuiltInProviderType | 'custom') => {
       let res: SignInResponse | undefined;
       try {
         res = await signIn(provider, {
@@ -63,7 +64,8 @@ export function useAuth() {
       }
 
       return userInfo;
-  });
+    }
+  );
 
   const logout = useEvent(async () => {
     await signOut({

src/client/routes/login.tsx

@@ -8,7 +8,7 @@ import { Button } from '@/components/ui/button';
 import { Input } from '@/components/ui/input';
 import { useAuth } from '@/api/authjs/useAuth';
 import { useEventWithLoading } from '@/hooks/useEvent';
-import { LuGithub } from 'react-icons/lu';
+import { LuGithub, LuLayers } from 'react-icons/lu';
 
 export const Route = createFileRoute('/login')({
   validateSearch: z.object({
@@ -102,7 +102,8 @@ function LoginComponent() {
           <>
             <Divider>{t('Or')}</Divider>
 
-            <div className="flex justify-center">
+            <div className="flex justify-center gap-2">
+              {authProvider.includes('github') && (
                 <Button
                   variant="secondary"
                   className="h-12 w-12 p-3"
@@ -110,6 +111,17 @@ function LoginComponent() {
                 >
                   <LuGithub size={24} />
                 </Button>
+              )}
+
+              {authProvider.includes('custom') && (
+                <Button
+                  variant="secondary"
+                  className="h-12 w-12 p-3"
+                  onClick={() => loginWithOAuth('custom')}
+                >
+                  <LuLayers size={24} />
+                </Button>
+              )}
             </div>
           </>
         )}

src/server/model/auth.ts

@@ -89,6 +89,10 @@ export const authConfig: Omit<AuthConfig, 'raw'> = {
         name: 'Google',
         ...env.auth.google,
       }),
+    env.auth.provider.includes('custom') && {
+      id: 'custom',
+      ...env.auth.custom,
+    },
   ]),
   adapter: TianjiPrismaAdapter(prisma),
   secret: env.auth.secret,

src/server/utils/env.ts

@@ -18,6 +18,7 @@ export const env = {
       !!process.env.EMAIL_SERVER && 'email',
       !!process.env.AUTH_GITHUB_ID && 'github',
       !!process.env.AUTH_GOOGLE_ID && 'google',
+      !!process.env.AUTH_CUSTOM_ID && 'custom',
     ]),
     restrict: {
       email: process.env.AUTH_RESTRICT_EMAIL, // for example: @example.com
@@ -35,6 +36,14 @@ export const env = {
       clientId: process.env.AUTH_GOOGLE_ID,
       clientSecret: process.env.AUTH_GOOGLE_SECRET,
     },
+    custom: {
+      // Reference: https://authjs.dev/guides/configuring-oauth-providers
+      name: process.env.AUTH_CUSTOM_NAME || 'Custom',
+      type: process.env.AUTH_CUSTOM_TYPE || 'oidc', // or oauth
+      issuer: process.env.AUTH_CUSTOM_ISSUR,
+      clientId: process.env.AUTH_CUSTOM_ID,
+      clientSecret: process.env.AUTH_CUSTOM_SECRET,
+    },
   },
   allowRegister: checkEnvTrusty(process.env.ALLOW_REGISTER),
   allowOpenapi: checkEnvTrusty(process.env.ALLOW_OPENAPI ?? 'true'),